NEWS - January 23, 2015

by Carol~ Moderator / January 22, 2015 11:13 PM PST
Adobe to Patch Critical Flash Player Zero-day Vulnerability Used in Active Attacks

After saying early Thursday that it was investigating reports of a critical zero-day vulnerability affecting its Flash Player that is being exploited in the wild, Adobe Systems issued a security advisory late Thursday, stating that it expects to have a patch available for the flaw during the week of Jan. 26.

The critical vulnerability (CVE-2015-0311) exists in Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh, Adobe confirmed in its advisory.

The vulnerability was discovered by French security researcher "Kafeine" while analyzing an instance of the Angler exploit kit, and successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

Continued : http://www.securityweek.com/adobe-patch-critical-zero-day-vulnerability-used-active-attacks

Related:
Critical Flash Player hole plugged, another still unpatched and exploited
Adobe Patches One Zero Day in Flash, Will Patch a Second Flaw Next Week
Adobe to release patch next week for 'critical' Flash zero-day under attack

See: UPDATE: Security Advisory for Adobe Flash Player (APSA15-01)
Google discloses three severe vulnerabilities in Apple OS X
by Carol~ Moderator / January 23, 2015 12:24 AM PST

"Researchers with Google's Project Zero security team say they've found three flaws with high severity that have yet to be patched."

Although each of the flaws requires an attacker to have access to a targeted Mac, they could all contribute to a successful attempt to elevate privilege levels and take over a machine.

The first flaw, "OS X networkd 'effective_audit_token' XPC type confusion sandbox escape," involves circumvention of commands in the network system and may be mitigated in OS X Yosemite, but there is no clear explanation of whether this is the case. The second vulnerability documents "OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator." The third one, "OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice," includes an exploit related to OS X's kernel structure.

Continued : http://www.cnet.com/news/google-team-finds-three-severe-vulnerabilities-in-apple-os-x/

Related:
Google discloses three OS X 0-days
Unpatched Apple Vulnerabilities Latest Google Project Zero Disclosures

HealthCare.gov Sends Personal Data to Dozens of Tracking ..
by Carol~ Moderator / January 23, 2015 12:24 AM PST
.. Websites

The Associated Press reports that healthcare.gov - the flagship site of the Affordable Care Act, where millions of Americans have signed up to receive health care - is quietly sending personal health information to a number of third party websites. The information being sent includes one's zip code, income level, smoking status, pregnancy status and more. [Screenshot]

EFF researchers have independently confirmed that healthcare.gov is sending personal health information to at least 14 third party domains, even if the user has enabled Do Not Track. The information is sent via the referrer header, which contains the URL of the page requesting a third party resource. The referrer header is an essential part of the HTTP protocol, and is sent for every request that is made on the web. The referrer header lets the requested resource know what URL the request came from. This would for example let a website know who else was linking to their pages. In this case however the referrer URL contains personal health information.

Continued : https://www.eff.org/deeplinks/2015/01/healthcare.gov-sends-personal-data

Related : HealthCare.gov sends out users' personal info to ad companies
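Added example, not part of the original post or the EFF article: how the Referer value sent to a third party depends on the page's Referrer-Policy, and which query parameters travel with it. The URLs and parameter names are constructed for illustration.

```javascript
// Added example. URLs and parameter names are constructed, not taken from
// healthcare.gov; they stand in for a page whose URL carries form answers.
const PAGE = "https://insurance.example/plans?zip=12345&income=35000&smoker=1&pregnant=0";
const TRACKER = "https://tracker.example/pixel.gif";
const SENSITIVE = ["zip", "income", "smoker", "pregnant"];

// Referer value sent for a subresource request under a Referrer-Policy
// (null means the header is omitted).
function refererFor(pageUrl, resourceUrl, policy) {
  const page = new URL(pageUrl);
  const res = new URL(resourceUrl);
  // Credentials and the fragment are always stripped from a referrer.
  page.username = "";
  page.password = "";
  page.hash = "";
  const full = page.href;
  const originOnly = page.origin + "/";
  const sameOrigin = page.origin === res.origin;
  // Downgrade is approximated here as https page -> non-https resource.
  const downgrade = page.protocol === "https:" && res.protocol !== "https:";
  switch (policy) {
    case "no-referrer": return null;
    case "unsafe-url": return full;
    case "origin": return originOnly;
    case "same-origin": return sameOrigin ? full : null;
    case "strict-origin": return downgrade ? null : originOnly;
    case "origin-when-cross-origin": return sameOrigin ? full : originOnly;
    case "no-referrer-when-downgrade": return downgrade ? null : full;
    case "strict-origin-when-cross-origin":
      if (sameOrigin) return full;
      return downgrade ? null : originOnly;
    default: throw new Error("unknown policy: " + policy);
  }
}

// Which sensitive query parameters a third party can read from the header.
function leakedParams(referer, sensitive) {
  if (referer === null) return [];
  const query = new URL(referer).searchParams;
  return sensitive.filter((key) => query.has(key));
}

// Policy -> leaked parameter names for the constructed page and tracker.
function auditPolicies(policies) {
  const report = {};
  for (const p of policies) report[p] = leakedParams(refererFor(PAGE, TRACKER, p), SENSITIVE);
  return report;
}
```

`no-referrer-when-downgrade` was the long-standing browser default, so a page that set no policy sent its full URL, query string included, to every HTTPS third party it loaded. Keeping sensitive answers out of the URL removes the leak regardless of policy.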
Holes in Progressive Dongle Could Lead to Car Hacks
by Carol~ Moderator / January 23, 2015 12:24 AM PST

A device that a popular car insurance company sends to customers to keep track of their driving and reduce their rate may be insecure and could be used to take control of a user's vehicles.

Progressive manufactures the device, a dongle called Snapshot that plugs into the OBD-II diagnostic port on most cars. Cory Thuen, a security researcher at Digital Bond Labs, described at a security conference last week how the device could be used to hack into some vehicles' onboard networks.

The device, already in use in two million cars across the U.S., is designed to capture users' driving habits in order to get them a better rate on car insurance. Thuen took Progressive up on an offer the company runs where they can offer anyone who wants to try out the device a free trial.

Continued : http://threatpost.com/holes-in-progressive-dongle-could-lead-to-car-hacks/110511

Related:
Security MIA In Car Insurance Dongle
Wireless device in two million cars wide open to hacking

Mobile Banking Apps Are Risky Business for Android Users
by Carol~ Moderator / January 23, 2015 2:07 AM PST

Research regarding the mobile apps used for financial transactions revealed that more than 11% of them should be considered at least suspicious, many of them containing malware and adware.

According to a study from RiskIQ, the top 90 app stores in the world host about 350,000 apps relating to banking and finance. Out of these, more than 40,000 are laced with threats or potentially dangerous components.

Trojans and adware are most prevalent

RiskIQ is a company that relies on a vast crawling infrastructure to collect real-time information from the web that would help its customers maintain the integrity of their web and mobile property.

With mobile banking becoming a more common activity all over the world, cybercriminals also adjust to the new environment. "One of the easiest ways to steal a victim's login and other personal information is using malware and apps with excessive permissions," says the company's CEO, Elias Manousos.

Continued : http://news.softpedia.com/news/Mobile-Banking-Are-Risky-Business-for-Android-Users-470918.shtml

Internet attack could shut down US gas stations
by Carol~ Moderator / January 23, 2015 2:08 AM PST

"More than 5,000 service stations use a monitoring unit vulnerable to attack."

A device used to monitor the gasoline levels at refueling stations across the United States—known as an automated tank gauge or ATG—could be remotely accessed by online attackers, manipulated to cause alerts, and even set to shut down the flow of fuel, according to research to be published on Thursday.

The security weakness—identified by Jack Chadowitz, a former process control engineer and founder of control-system monitoring service BostonBase—could theoretically affect the devices at many of the approximately 115,000 fueling stations in the United States, but only a small fraction of those systems—about 5,300—appear to be vulnerable to an Internet attack, according to security firm Rapid7, which conducted a scan for such devices on January 10. While automated tank gauges are typically accessed to monitor fuel inventories, so as to know when to order gasoline, attackers could also access the settings, Chadowitz said.

"One could change the calibration and make the tank report full or empty," he told Ars. "If you report the tank is full, no one is going to order fuel."

Continued : http://arstechnica.com/security/2015/01/internet-attack-could-shut-down-us-gasoline-stations/

Related : Thousands of US Gas Stations Vulnerable to Remote Hacks

Click-fraud malware brings thousands of dollars to YouTube..
by Carol~ Moderator / January 23, 2015 2:20 AM PST
.. scammers

A malware delivery campaign aimed at making victims' computers surreptitiously view YouTube videos and, consequently, artificially inflate their popularity so that scammers might earn money from the ads embedded in them, has been targeting users around the world for months now.

The malware that makes it possible is dubbed Tubrosa. It consists of two components: one that is delivered via spear-phishing spam emails and is installed by careless users, and the other that is downloaded and run by the first component.

The malware gets a list of nearly a thousand YouTube links from its C&C server, and it begins to open them in the background of the infected computer. In order to keep its activity as secret as possible from the user, the malware turns down the volume of the speakers. If the user does not use Adobe Flash, the malware will download it and install it so that the videos can be viewed.

Continued : http://www.net-security.org/malware_news.php?id=2945

@ the Symantec Security Response Blog: Tubrosa threat drives millions of views to scammers' YouTube gaming videos
Account Stealing Wallpaper App Found in Google Play Store
by Carol~ Moderator / January 23, 2015 2:57 AM PST

"Malwarebytes Unpacked" Blog:

[Screenshot] - Even when installing from the Google Play store, caution should be used when installing apps.

A good rule to follow is to ask yourself if the app being installed is asking for more permissions than what it needs to function. When it comes to a wallpaper app, the list of permissions should be rather short.

It was recently brought to our attention that there was a wallpaper app on the Google Play store that had an extra permission that didn't fit. It was using the permission GET_ACCOUNTS which allows access to list accounts.

This wallpaper app was doing a bit more than just displaying pictures on the device's background. [Screenshot]

Continued : https://blog.malwarebytes.org/mobile-2/2015/01/account-stealing-wallpaper-app-found-in-google-play-store/
